
Update of ICAO RF and Protocol Test Specification

Introduction

Simultaneously, ICAO released updated and new versions of its test specifications for eMRTDs and the corresponding inspection systems. With the Technical Advisory Group (TAG) of ICAO having endorsed the update on the ICAO website, these test specifications can from now on be referenced officially and can also be used for certification. Additionally, a new test specification part 5 is available, focusing on PKI objects like certificates and revocation lists.

ISO7816_R_07: Positive test case to verify the behavior of a PACE-protected eMRTD in response to the INTERNAL AUTHENTICATE

Test suite ISO7816_T: New test cases for Chip Authentication (these tests were moved from BSI TR-03105 Part 3.2 with minor corrections and with the robustness tests of invalid class bytes removed)

LDS_E_01: Test the LDS tag of the DG14 object

LDS_E_02: Test the ASN.1 encoding of the SecurityInfos for Chip Authentication

LDS_E_03: Test the ASN.1 encoding of the ChipAuthenticationPublicKeyInfo

LDS_E_04: Test the ASN.1 encoding of the ChipAuthenticationInfo

LDS_K_05: Test the ASN.1 encoding of a PKCS#7 signedData object

LDS_K_06: Test the value that is encoded into the signedData element

LDS_K_07: Test the SignerInfo element of the signedData structure

LDS_K_08: Test the signing certificate used to verify the EF.CardSecurity object

Modified test cases in Version 2.11

The ICAO test specification part 3 contains the following modified test cases:

ISO7816_A_2: SELECT Application command with CLA byte ‘8F’ is removed

ISO7816_C_15: Test case removed (invalid CLA byte)

ISO7816_C_19: Test case removed (invalid CLA byte)

ISO7816_D_2: Test case removed (invalid CLA byte)

ISO7816_E_2: Test case removed (invalid CLA byte)

ISO7816_F_2: Test case removed (invalid CLA byte)

ISO7816_G_2: Test case removed (invalid CLA byte)

ISO7816_P_04: Test case removed (invalid CLA byte)

ISO7816_P_18: Test case removed

ISO7816_P_37: Test case removed (invalid CLA byte)

ISO7816_P_38: Test case removed (invalid CLA byte)

ISO7816_P_39: Test case removed (invalid CLA byte)

ISO7816_P_40: Test case removed (invalid CLA byte)

ISO7816_P_66: Hint, that in test scenario step 1 the length encoding of DO ’80’ must be correct

ISO7816_P_67: Hint, that in test scenario step 1 the length encoding of DO ’80’ must be correct

ISO7816_R_01: Generic length encoding of APDU

ISO7816_R_02: Generic use of DO ’97’ and length encoding of APDU

ISO7816_R_03: Hint, that INTERNAL AUTHENTICATE command must use Secure Messaging if access control mechanism is supported

ISO7816_R_04: Hint, that INTERNAL AUTHENTICATE command must use Secure Messaging if access control mechanism is supported

ISO7816_S_03: Padding indicator ’01’ in DO ’85’ is removed (odd ins)

ISO7816_S_04: Padding indicator ’01’ in DO ’85’ is removed (odd ins)

LDS_A_03: In EF.COM there is also LDS version 1.8 accepted

LDS_A_05: Purpose of test case is corrected

LDS_C_04: Check that the number of Biometric Information Group Templates (BIGT) is one

LDS_D_04: Check also the LDS security object version in test scenario step 4; a future version of Doc9303 part 10 requires that the signedData certificates field in LDS v1.8 SHALL include the Document Signer Certificate (CDS)

LDS_D_06: Check that LDS Version Info element does not exist in test scenario step 8 and handle also LDS version 1.8 in this test case

LDS_D_07: Check that the validity period of the signing certificate MUST be within the validity period of the country signing certificate in test scenario step 4

Test suite LDS_E: Numbering of test cases has changed

LDS_E_07: Check also the hash algorithm output length of the signatureAlgorithm

LDS_J_05: ECDSA is also handled in test scenario step 3 from now on

ICAO Test Specification Part 4 (Inspection Systems)

ICAO test specification part 4 version 2.11 is also the result of a typical ISO process, finalized at the same meetings of ISO SC17 WG3 TF4 in Paris and Tokyo mentioned above. This specification also contains some interesting changes compared with the previous version 2.10 released in 2016:

Configuration of default EAC MRTD specifies EF.DG15

Specification of a default PACE-CAM protected eMRTD

Clarifications concerning PACE and PACE-CAM

Additionally, there are some clarifications and minor editorial changes.

LDS_D_39: Test case verifies that the inspection system checks the signature in EF.CardSecurity and detects an invalid signature

Modified test cases in Version 2.11

The ICAO test specification part 4 contains the following modified test cases:

ISO7816_C_01: Test case includes three-line MRZ from now on

ISO7816_C_03: Editorial correction of protocol name

ISO7816_C_29: Use new configuration for PACE CAM protected eMRTD

ISO7816_C_30: Use new configuration for PACE CAM protected eMRTD

ISO7816_C_31: Use new configuration for PACE CAM protected eMRTD

ISO7816_C_32: Use new configuration for PACE CAM protected eMRTD

ISO7816_C_33: Use new configuration for PACE CAM protected eMRTD

ISO7816_C_34: Use a special configuration to indicate that the IS performs Passive Authentication

ISO7816_C_36: Change context from PACE-CAM to PACE (CAM -> GM)

ISO7816_C_39: Use new configuration for PACE CAM protected eMRTD

ISO7816_E_01: Use signature production function B.6

ISO7816_E_02: Clarification of EF.DG14, specification of EF.DG15, and use of signature production function B.6

ISO7816_E_03: Use signature production function B.6

ISO7816_E_04: Use signature production function B.6

ISO7816_E_05: Use signature production function B.6

ISO7816_E_06: Use signature production function B.6

ISO7816_E_07: Use signature production function B.6

ISO7816_E_08: Use signature production function B.6

ISO7816_E_09: Perform Active Authentication with B.6 method of ISO/IEC 9796-2 and use RSA-SHA1; Hint, that the RSA operation during AA must result in a value bigger than n/2 with n being the modulus to ensure that method B6 is really used in this test case
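
Why the ISO7816_E_09 hint asks for a raw RSA result bigger than n/2, as an added example that is not part of the ICAO specification or the original post. It assumes that the alternative signature production function of ISO/IEC 9796-2 returns the smaller of J and n - J, and it uses a constructed toy key and a simplified representative layout (header 6A, trailer BC).

```python
# Toy parameters constructed for this example only (far too small for real use).
P, Q = 2**31 - 1, 2**61 - 1            # two Mersenne primes
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)

def representative(counter):
    """Toy message representative: header 0x6A, 9 data bytes, trailer 0xBC."""
    return int.from_bytes(b"\x6a" + counter.to_bytes(9, "big") + b"\xbc", "big")

def sign_b4(f):
    """Plain RSA private-key operation on the representative."""
    return pow(f, D, N)

def sign_b6(f):
    """Alternative signature production (assumed): min(J, n - J)."""
    j = sign_b4(f)
    return min(j, N - j)

def open_b4_only(sig):
    """Inspection system that ignores B.6: accepts only a trailer nibble 'C'."""
    j = pow(sig, E, N)
    return j if j % 16 == 12 else None

def open_b6_aware(sig):
    """Inspection system that also tries n - J when the trailer nibble is wrong."""
    j = pow(sig, E, N)
    for cand in (j, N - j):
        if cand % 16 == 12:
            return cand
    return None

def exercises_b6(f):
    """The hint's condition: the raw RSA result is bigger than n/2."""
    return sign_b4(f) > N // 2

def pick(want_b6):
    """First toy representative whose raw result lies on the wanted side of n/2."""
    reps = map(representative, range(1000))
    return next(f for f in reps if exercises_b6(f) == want_b6)

if __name__ == "__main__":
    for want in (False, True):
        f = pick(want)
        s = sign_b6(f)
        print("raw > n/2:", want,
              "| B.6 output equals B.4 output:", s == sign_b4(f),
              "| B.4-only verifier accepts:", open_b4_only(s) == f,
              "| B.6-aware verifier accepts:", open_b6_aware(s) == f)
```

When the raw result is below n/2 both functions produce the same signature, so a test run with such a value cannot tell a B.6-capable inspection system from one that only handles the plain result.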